mirror of
https://github.com/smartfrigde/armcord.git
synced 2024-08-14 23:56:58 +00:00
Update WindowOpenHandler to be much more secure
This commit is contained in:
parent
12352e3536
commit
54b1481a4e
1 changed files with 36 additions and 2 deletions
|
@ -4,7 +4,7 @@
|
||||||
// I'm sorry for this mess but I'm not sure how to fix it.
|
// I'm sorry for this mess but I'm not sure how to fix it.
|
||||||
import {BrowserWindow, shell, app, ipcMain, dialog, clipboard} from "electron";
|
import {BrowserWindow, shell, app, ipcMain, dialog, clipboard} from "electron";
|
||||||
import path from "path";
|
import path from "path";
|
||||||
import {checkIfConfigIsBroken, firstRun, getConfig, contentPath, isSetup} from "./utils";
|
import {checkIfConfigIsBroken, firstRun, getConfig, contentPath, isSetup, setConfig} from "./utils";
|
||||||
import {registerIpc} from "./ipc";
|
import {registerIpc} from "./ipc";
|
||||||
import startServer from "./socket";
|
import startServer from "./socket";
|
||||||
import contextMenu from "electron-context-menu";
|
import contextMenu from "electron-context-menu";
|
||||||
|
@ -21,11 +21,45 @@ contextMenu({
|
||||||
});
|
});
|
||||||
|
|
||||||
async function doAfterDefiningTheWindow() {
|
async function doAfterDefiningTheWindow() {
|
||||||
|
var ignoreProtocolWarning = await getConfig("ignoreProtocolWarning");
|
||||||
checkIfConfigIsBroken();
|
checkIfConfigIsBroken();
|
||||||
registerIpc();
|
registerIpc();
|
||||||
mainWindow.webContents.userAgent = `Mozilla/5.0 (X11; ${os.type()} ${os.arch()}) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36`; //fake useragent for screenshare to work
|
mainWindow.webContents.userAgent = `Mozilla/5.0 (X11; ${os.type()} ${os.arch()}) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36`; //fake useragent for screenshare to work
|
||||||
mainWindow.webContents.setWindowOpenHandler(({url}) => {
|
mainWindow.webContents.setWindowOpenHandler(({url}) => {
|
||||||
shell.openExternal(url);
|
if (url.startsWith("https:" || url.startsWith("http:") || url.startsWith("mailto:"))) {
|
||||||
|
shell.openExternal(url);
|
||||||
|
} else {
|
||||||
|
if (ignoreProtocolWarning) {
|
||||||
|
shell.openExternal(url);
|
||||||
|
} else {
|
||||||
|
const options = {
|
||||||
|
type: "question",
|
||||||
|
buttons: ["Yes, please", "No, I don't"],
|
||||||
|
defaultId: 1,
|
||||||
|
title: url,
|
||||||
|
message: `Do you want to open ${url}?`,
|
||||||
|
detail: "This url was detected to not use normal browser protocols. It could mean that this url leads to a local program on your computer. Please check if you recognise it, before proceeding!",
|
||||||
|
checkboxLabel: "Remember my answer and ignore this warning for future sessions",
|
||||||
|
checkboxChecked: false
|
||||||
|
};
|
||||||
|
|
||||||
|
dialog.showMessageBox(mainWindow, options).then(({response, checkboxChecked}) => {
|
||||||
|
console.log(response, checkboxChecked);
|
||||||
|
if (checkboxChecked) {
|
||||||
|
if (response == 0) {
|
||||||
|
setConfig("ignoreProtocolWarning", true);
|
||||||
|
} else {
|
||||||
|
setConfig("ignoreProtocolWarning", false);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
if (response == 0) {
|
||||||
|
shell.openExternal(url);
|
||||||
|
} else {
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
}
|
||||||
return {action: "deny"};
|
return {action: "deny"};
|
||||||
});
|
});
|
||||||
mainWindow.webContents.session.webRequest.onBeforeRequest((details, callback) => {
|
mainWindow.webContents.session.webRequest.onBeforeRequest((details, callback) => {
|
||||||
|
|
Loading…
Reference in a new issue